assig 2 - Assignment 2 1. Because of limited human...

Assignment 2 1. Because of limited human resources and financial, planning plays an important role in creating a better information security. information security planning divided in to two part 1_ organizational included in it are tactical planning, strategic planning, and operational planning. 2_ contingency planning included in it are incident response, disaster recovery and business continuity 9. CISO, is a lower position compare to CIO therefore, the planning it is more specific than CIO.the priority of the CISO and the information security management team focusing in structure of the strategic planning. 10. The different between the SecSDLC and general SDLC is the comprehensive structure. The general SDLC is a methodology to design and implement the information system, but the SecSDLC uses the SDLC to make a comprehensive security design and implementation information system 11. The primary objective of the SecSDLC is providing a comprehensive security design that meets the the response to a specific conditions – mentioned in the book as event-driven structure. Investigation: investigating the process, outcomes, goals of the project, and the budget in regard

This preview
has intentionally blurred sections.
Sign up to view the full version.